Crafted TCP Packet Can Cause Denial of Service

This script is (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The Cisco IOS Transmission Control Protocol (TCP) listener in certain
versions of Cisco IOS software is vulnerable to a remotely-exploitable
memory leak that may lead to a denial of service condition.
This vulnerability only applies to traffic destined to the Cisco IOS
device. Traffic transiting the Cisco IOS device will not trigger this
vulnerability.
Cisco has made free software available to address this vulnerability
for affected customers.

See also :

http://www.nessus.org/u?7468b1c7

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20070124-crafted-tcp.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: CISCO

Nessus Plugin ID: 48997 (cisco-sa-20070124-crafted-tcphttp.nasl)

Bugtraq ID:

CVE ID: CVE-2007-0479

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial